Healthcare Cybersecurity in 2026: A VP's Biggest Fears Revealed

What keeps you up at night and why? Besides meetings at 2:00 a.m. with the Philippines Oh, what keeps me up at night? People engineers hate change management they hate testing cuz it slows them down. And that's that's where you get in trouble. Like if I could preach one thing to the aspiring engineers and architects and project managers out there, technical project managers. Focus on testing user experience like stuff is so important cuz it can blow up massive projects like like at the drop of a hat. And that typically gets missed. And where it hurts you is when it when it touches the security space. So if there's a misconfiguration on a firewall cuz it wasn't tested properly or it wasn't caught during like post implementation change or smoke testing, like that's that's the stuff that's you know it doesn't keep me up at night at my current position because we're really focusing our energy on it. But I'd say industry-wide if we had to look at what are some things that would keep someone like me up at night, it's still security. And then it's talent retention. That's another area too. Again, I'm not I'm not pacing around my bedroom at 2:00 in the morning wondering who's going to quit, but long-term you you you you have to be concerned about. Yeah. You got to retain your talent. What are you What are strategies do you use to retain people? Relationship building's really important. A good boss is one that you can talk to openly. And that when there's something that The last thing I want you to do is shut down cuz you're unhappy about something. Go find another job covertly and walk out the door. Come and talk to me about it. Like I'm not going to I'm not going to fire you because you're thinking about leaving. I'm more interested in why. Why do you want to leave? What can we do to fix it? Especially my key players. Like if you're a C if you're a C player C minus player and and you come to me with something like that, like I'm probably not going to make an effort, but for my top talent, I absolutely will. And I And And And I I I encourage them to come to me. Yeah. Yeah. So, what do you I mean, how do you kind of relay that as like it's an open door without people thinking it's a trap or something? It's trust. It's just, you know, I mean, you're in the trenches with the with these guys every every day. They see how you interact with other employees, and you can tell. And that's another thing when you talk about just executive presence and and understanding your staff. I I mean, I know about my my junior engineers' kids, and maybe not their birthdays. Maybe I don't know all their kids' names, but I do know a good chunk of them. Mhm. I mean, are Would they go on vacation with you? I mean, that's a That's an interesting It's an interesting question to ask, right? Like, do do they You don't need to be their friend, but but you need to have their respect, and and then you you need to have their They need to have confidence in you um as a leader, and and and that's That's the to me the best way to retain talent. Like, sometimes uh my my top guys want just money money money money, and and like, you have to understand in big business, we don't have that flexibility at my level. We We just don't have it. There's a cycle, there's a process. We have to color in between those lines, right? And then when we get to those time gates, right? If you do your job and you meet your goals, then then I have some discretion on how I can take care of you. And I think that's a big misconception in the tech space is that just because uh you can go on some of these salary pages, and it's all cherry-picked stuff, right? Like, okay, yeah, that's This job in New York's going to pay you $50,000 more. All right, you're going to pay another 20,000 in taxes. And your rent's going to be double, You know, he's He just gave it back Yeah, he just gave it back. So, um so, it's all it's all relative, but um those are those conversations are hard, but I think to the audience, I'd say understand that we have constraints, and sometimes we can't tell you everything about that, either, right? Like, it's not something that there's things that I have to keep to myself. There's things that I I I can't share with you, whether it's business strategy or budget or or finance. I have to manage those things every day, and every month I get a scorecard. Like, here's where you're ahead, here's where you're behind. And and then I have to adjust to that. So, just giving out raises all the time is not it's just not feasible. It's I mean, you've got one, maybe two cracks a year at it, and and and that's it. So, ke- keep that in mind, but keep an open dialogue with with your manager, because that's that's the that's it's going to at least give you valid expectations of what you can and cannot do. Yeah. Or get. Have you ever been surprised at the market where a competitor came and you some guy said, "Hey, listen, they're offering whatever, 25, 30k more." Another person comes to you, "Hey, like" and then you say, "Wait a minute. Okay, we're under the market now. Now I need to do a whole HR thing for these jobs cuz we spend a lot of time benchmarking. Benchmarking has become very important, especially on the tech side, where we have to understand how the market's moving to make sure we're competitive both from a defensive posture to retain our talent, and then offensively when we want to go and and and get talent, right? So, benchmarking's been um been been super important, and and something that I've seen implemented. It's It's It's almost universal at this point in the in the the big enterprise space. Yeah. Yeah. And again, back to seen them Yeah, I've seen the the 25, 50,000 bumps. I mean, and it changes by industry. So, or or or by time period. So, I'd say 5, 10 years ago, I was seeing people that were making 120k that were junior security engineers, and they were getting like 75, 80,000 dollar bumps, right? But that's when there was ransomware in the news every week. And And And that stuff has largely been mitigated. I mean, it's not it's always a concern, but it's it's you're not it's you're not seeing it in the news like you did before. Like, now we worry about like supply side attacks, and that's it that's the that like the that's the stuff that that keeps me up at night. Like, if I Going back to your question about what keeps me up at night. If I have a vendor, and I've got an agent from that vendor on every single one of my devices, and they have sloppy change management, like it like like And if we we had CrowdStrike one, and then we had a SolarWinds one. Things have crippled airlines, power plants, cuz it's it's a it's a very common product, and one of them was was more of a The CrowdStrike one was more of a whoopsie. Someone Someone made a made a mistake with the code, but but SolarWinds, I mean, that was a very sophisticated, targeted attack, but the blast radius was so huge because so many companies use it. Wow. So. So, yeah, but so so the security is hot 5, 10 years ago. It's It's be hot. Be a a good paying career. My My master's is in cybersecurity. I But I find audits boring. Cool on the security space when you're out there threat hunting and doing code analysis and red team drills and all that stuff, but the truth is is it's more nuanced than that. There's There's more to those jobs, especially the ones that are paying 200k and above, right? Like, you're you're you're You're calls a couple hours a day. Yeah. Uh you're filling out 20 30-page forms for your customers. And it's And that's that's the the non-sexy part about the cybersecurity space, but it's critical. I mean, some of some of these certifications, you know, and and I've been in a regulated space for over a decade now. I mean, the burden is huge. You know, where you're almost bringing in third parties to do the fun stuff cuz you're so bogged down with your audits and you know, you're you're some security information gathering forms and and and all that that good stuff. So So I I moved away from that side. Like I I It It's It's part of my portfolio on the security engineering piece, right? The firewall management, uh site security. So I have responsibilities in those areas, but if you put me behind a stack of papers and said you got to do you got to do audits every every 3 months, it's just And And like for for the people out there that are looking to get into security, just keep that in mind. That's That's a big part of it. You see the high pay in cyber. Right. Yeah, yeah. You think you're going to do all this You do all this great stuff, right? Like, you know, like, all right, yeah, we're trying to break into things. It's like, no, man, here you go. You got to go get, you know, you got to audit to get high-trust certified, and it's going to take 3 months and five people, and it's going to be your life for that whole period, you know? Yeah. So, yeah. Okay, well, why don't why don't you take us home? Yeah. The infrastructure space. Um you mentioned some careers to focus on, why they won't go away in AI. Why don't you just leave us, once again, with that? I mean, what would you look at right now, 2026? Yeah, check out some of the new networking components. Well, you know, we didn't talk about We didn't talk about Nvidia. That's another area where I would look to get certified, and they've got some great material out there. Nvidia is the the 500-lb gorilla. They're not going anywhere. All of our stuff, all of our private AI, is built on Nvidia. So, understanding Nvidia AI Enterprise is is commonly what most companies use and and go learn that. Become an expert on deploying and managing AI models. That's that's that's a that's a cool area that's not going anywhere. The high-speed networking, some some of the new